Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1] 2

Author Topic: Decrypting the configuration file on a Huawei HG635  (Read 18027 times)

Ayosi

  • Just arrived
  • *
  • Posts: 5
Decrypting the configuration file on a Huawei HG635
« on: June 09, 2015, 05:10:08 PM »

I wrote a Python program to decrypt and encrypt the configuration file.

To decrypt a configuration file use:
      python hg635_configtool.py decrypt input_file output_file
      
To encrypt a configuration file use:
      python hg635_configtool.py encrypt input_file output_file
      
You can download it http://pastebin.com/JbZjygY3
I don't have a HG635 router to test this so use it at your own risk...
Logged

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 32500
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: Decrypting the configuration file on a Huawei HG635
« Reply #1 on: June 09, 2015, 06:12:44 PM »

Thank you for providing that tool. I don't have a Huawei HG635, either, so I am unable to try it out.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

npr

  • Reg Member
  • ***
  • Posts: 259
Re: Decrypting the configuration file on a Huawei HG635
« Reply #2 on: June 09, 2015, 09:52:57 PM »

Absolutely brilliant!   :yay: :yay:

I've decrypted a couple of HG635 conf files and it works perfectly, I can see where telnet is disabled.

I've yet to encrypt a file and restore it -- hopefully tomorrow.

Thanks so much for providing this tool.
Logged

les-70

  • Kitizen
  • ****
  • Posts: 1255
Re: Decrypting the configuration file on a Huawei HG635
« Reply #3 on: June 10, 2015, 09:33:22 AM »

   Seconded -- amazing.    :yay: Like npr I have yet to try the reverse step.  I looks easy to enable telnet and it will be interesting to see if the previous telnet enabled security issues reoccur when the change is made this way.  If they do we will need to understand the firewall setup instructions
Logged

broadstairs

  • Kitizen
  • ****
  • Posts: 3464
Re: Decrypting the configuration file on a Huawei HG635
« Reply #4 on: June 10, 2015, 09:54:30 AM »

I have a few HG635 config files from when I was running it and two decrypt OK but two others come up with Bad config file ... exiting these are from the very first backup when I initially got me HG635 from TT. Interestingly I can only find Telnet being active in my config files which do decrypt unless I'm looking in the wrong place.

Stuart
Logged
ISP:TalkTalk Connection:FTTC Cab:ECI Router:Netgear D6220

npr

  • Reg Member
  • ***
  • Posts: 259
Re: Decrypting the configuration file on a Huawei HG635
« Reply #5 on: June 10, 2015, 07:06:22 PM »

I started afresh with firmware 1.016t, reset it to factory default and backed up the conf file.
This new conf file decrypted ok, I then enabled telnet by changing the following line:

<X_ServiceManage TelnetEnable="1" TelnetPort="23" KeyEquipMode="0" ConsoleEnable="" UseNewConfig="0" CircleTestDevice=""

The modified file encrypted without any problems and restored ok to the HG635, testing showed telnet was enabled. Login: admin / admin
I've now got the HG635 connected to the internet and so far "shields up" shows port 23 to be stealthed.
I'll leave it running for a week to be sure port 23 doesn't become open to the world. Once I confident the port stays stealth I'll upload my modified conf file for others to use.

Thanks again Ayosi for this decryption / encryption tool.  :clap:
« Last Edit: June 10, 2015, 09:22:25 PM by npr »
Logged

les-70

  • Kitizen
  • ****
  • Posts: 1255
Re: Decrypting the configuration file on a Huawei HG635
« Reply #6 on: June 10, 2015, 07:52:02 PM »

  Also a complete success here and nice to have the telnet login admin/admin.   Many thanks for this           Ayosi.  I will keep an eye on Shields up as previously things did not go wrong straight away.

  Out of interest how did you go about the task working out how to do it.  I am sure it is beyond me but I would be interested to have a rough idea
Logged

kitzuser87430

  • Reg Member
  • ***
  • Posts: 430
Re: Decrypting the configuration file on a Huawei HG635
« Reply #7 on: June 10, 2015, 08:23:38 PM »

Thanks.....I decrypted my conf file, edited the CLI username and encrypted and restored the config.

No problems.

Ian
Logged

broadstairs

  • Kitizen
  • ****
  • Posts: 3464
Re: Decrypting the configuration file on a Huawei HG635
« Reply #8 on: June 13, 2015, 11:34:44 AM »

One thing about this, it would also be good if we could change the passwords. So does anyone know how to generate the hashed passwords which appear in the decrypted config files?

Stuart
Logged
ISP:TalkTalk Connection:FTTC Cab:ECI Router:Netgear D6220

npr

  • Reg Member
  • ***
  • Posts: 259
Re: Decrypting the configuration file on a Huawei HG635
« Reply #9 on: June 13, 2015, 02:27:16 PM »

When telnet is enabled this way the telnet password username becomes admin / admin the same as the GUI.
I believe you can change the GUI's password in the GUI, you could try that and see if it also changes the telnet password.
Logged

broadstairs

  • Kitizen
  • ****
  • Posts: 3464
Re: Decrypting the configuration file on a Huawei HG635
« Reply #10 on: June 13, 2015, 05:36:06 PM »

When telnet is enabled this way the telnet password username becomes admin / admin the same as the GUI.
I believe you can change the GUI's password in the GUI, you could try that and see if it also changes the telnet password.

No it does not because as soon as I loaded the config I reset the admin p/w but telnet stayed the same.

Maybe you can do it via telnet, I'll take a look.

Stuart
Logged
ISP:TalkTalk Connection:FTTC Cab:ECI Router:Netgear D6220

npr

  • Reg Member
  • ***
  • Posts: 259
Re: Decrypting the configuration file on a Huawei HG635
« Reply #11 on: June 13, 2015, 05:56:07 PM »

Yes your right, there looks to be two instances of password / username in the conf file.

for the WEB GUI
Quote
<X_Web Timeout="30" QuickConfigured="1">
<UserInfo NumberOfInstances="1">
<UserInfoInstance InstanceID="1" Username="admin" Userpassword="Ozgo8BYclaAK2X6zNJYepz1zqjFMhsmITvAGAMcsPcqA6uot79n1NnaGkC0Fkq/Widdyl29mxYwY9X2uROW3fGfZwL5HIGyxgEXIuMQxE+U=" Userlevel="2" UserpasswordSource="" EnablePasswdPrompt="0" UserpasswdPrompt=""/>
</UserInfo>
</X_Web>
And for the CLI
Quote
<X_Cli>
<UserInfo NumberOfInstances="1">
<UserInfoInstance InstanceID="1" Username="admin" Userpassword="PPOLwiqNO3lE3enntnka40==" Userlevel="0"/>
</UserInfo>
</X_Cli>
Logged

broadstairs

  • Kitizen
  • ****
  • Posts: 3464
Re: Decrypting the configuration file on a Huawei HG635
« Reply #12 on: June 13, 2015, 06:14:16 PM »

I also discovered that if you try to add lines and encrypt it will not load the new config file so there must be something in there which tells the router you have messed with the file!

Stuart
Logged
ISP:TalkTalk Connection:FTTC Cab:ECI Router:Netgear D6220

broadstairs

  • Kitizen
  • ****
  • Posts: 3464
Re: Decrypting the configuration file on a Huawei HG635
« Reply #13 on: June 13, 2015, 10:06:30 PM »

OK ref passwords I got myself a tad confused here. When you change the admin password using the web page it also changes the telnet password to be the same although it does not alter the telnet username. Now that's settled I am happy and have a correctly configured HG635 I can use in place of my VMG8924 which has to be returned to ZyXEL (see other thread).

Stuart
Logged
ISP:TalkTalk Connection:FTTC Cab:ECI Router:Netgear D6220

mrben100

  • Just arrived
  • *
  • Posts: 3
Re: Decrypting the configuration file on a Huawei HG635
« Reply #14 on: December 03, 2015, 09:22:25 AM »

Could someone please help me how to use this tool i have the tool and the config file what should i do next i have no experience with python.
thanks
Logged
Pages: [1] 2
 

anything